From 6b41920bd5c68998a53de749b4fe5c0b8875db6c Mon Sep 17 00:00:00 2001
From: Martin Liska
Date: Tue, 12 May 2020 10:23:09 +0200
Subject: [PATCH] ASAN: clear DECL_NOT_GIMPLE_REG_P.

PR sanitizer/95033
PR sanitizer/95051
* sanopt.c (sanitize_rewrite_addressable_params):
Clear DECL_NOT_GIMPLE_REG_P for argument.

PR sanitizer/95033
PR sanitizer/95051
* g++.dg/asan/function-argument-4.C: New test.
* gcc.dg/asan/pr95033.c: New test.
* gcc.dg/asan/pr95051.c: New test.
---
 gcc/ChangeLog | 7 +++++
 gcc/sanopt.c | 1 +
 gcc/testsuite/ChangeLog | 8 ++++++
 .../g++.dg/asan/function-argument-4.C | 26 +++++++++++++++++++
 gcc/testsuite/gcc.dg/asan/pr95033.c | 13 ++++++++++
 gcc/testsuite/gcc.dg/asan/pr95051.c | 22 ++++++++++++++++
 6 files changed, 77 insertions(+)
 create mode 100644 gcc/testsuite/g++.dg/asan/function-argument-4.C
 create mode 100644 gcc/testsuite/gcc.dg/asan/pr95033.c
 create mode 100644 gcc/testsuite/gcc.dg/asan/pr95051.c

diff --git a/gcc/ChangeLog b/gcc/ChangeLog
index 751b71d5710..72b56ad6f2e 100644
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@@ -1,3 +1,10 @@
+2020-05-12 Martin Liska
+
+ PR sanitizer/95033
+ PR sanitizer/95051
+ * sanopt.c (sanitize_rewrite_addressable_params):
+ Clear DECL_NOT_GIMPLE_REG_P for argument.
+
 2020-05-12 Richard Sandiford
 
 PR tree-optimization/94980
diff --git a/gcc/sanopt.c b/gcc/sanopt.c
index 86180e32c7e..6c3bce92378 100644
--- a/gcc/sanopt.c
+++ b/gcc/sanopt.c
@@ -1158,6 +1158,7 @@ sanitize_rewrite_addressable_params (function *fun)
 && TREE_CODE (TYPE_SIZE (type)) == INTEGER_CST)
 {
 TREE_ADDRESSABLE (arg) = 0;
+ DECL_NOT_GIMPLE_REG_P (arg) = 0;
 /* The parameter is no longer addressable. */
 has_any_addressable_param = true;
 
diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog
index 0c8a73a30a4..05952acab92 100644
--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
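Review bot: In gcc/sanopt.c the added `DECL_NOT_GIMPLE_REG_P (arg) = 0;` has no comment saying why it must be cleared together with `TREE_ADDRESSABLE (arg)`. It also sits between that assignment and the existing "The parameter is no longer addressable." comment, so the next reader cannot tell which statement the comment describes. A one-line why-comment above the pair would help, for example `/* ARG stops being addressable here, so also drop the mark that keeps it from being a GIMPLE register.  */`; the exact wording should be confirmed by the author, since the flag's definition is not visible in this hunk. All three new tests pass a `_Complex` argument, which suggests the stale flag only matters for such types; if so, the comment should say that. The body of sanitize_rewrite_addressable_params starts and ends outside the hunk.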
@@ -1,3 +1,11 @@
+2020-05-12 Martin Liska
+
+ PR sanitizer/95033
+ PR sanitizer/95051
+ * g++.dg/asan/function-argument-4.C: New test.
+ * gcc.dg/asan/pr95033.c: New test.
+ * gcc.dg/asan/pr95051.c: New test.
+
 2020-05-12 Jakub Jelinek
 
 PR c++/95063
diff --git a/gcc/testsuite/g++.dg/asan/function-argument-4.C b/gcc/testsuite/g++.dg/asan/function-argument-4.C
new file mode 100644
index 00000000000..cec1f1d788f
--- /dev/null
+++ b/gcc/testsuite/g++.dg/asan/function-argument-4.C
@@ -0,0 +1,26 @@
+// { dg-do run }
+// { dg-shouldfail "asan" }
+
+#include
+
+static __attribute__ ((noinline)) long double
+goo (long double _Complex *a)
+{
+ return crealf(*(volatile _Complex long double *)a);
+}
+
+__attribute__ ((noinline)) float
+foo (float _Complex arg)
+{
+ return goo ((long double _Complex *)&arg);
+}
+
+int
+main ()
+{
+ return foo (3 + 2 * I);
+}
+
+// { dg-output "ERROR: AddressSanitizer: stack-buffer-overflow on address.*(\n|\r\n|\r)" }
+// { dg-output "READ of size \[0-9\]* at.*" }
+// { dg-output ".*'arg' \\(line 13\\) <== Memory access at offset \[0-9\]* partially overflows this variable.*" }
diff --git a/gcc/testsuite/gcc.dg/asan/pr95033.c b/gcc/testsuite/gcc.dg/asan/pr95033.c
new file mode 100644
index 00000000000..1228b7edcdb
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/asan/pr95033.c
@@ -0,0 +1,13 @@
+/* PR sanitizer/95033 */
+/* { dg-do compile } */
+/* { dg-options "-fsanitize=address" } */
+
+struct a
+{
+ int b;
+};
+
+struct a c(_Complex d)
+{
+ return *(struct a *)&d;
+}
diff --git a/gcc/testsuite/gcc.dg/asan/pr95051.c b/gcc/testsuite/gcc.dg/asan/pr95051.c
new file mode 100644
index 00000000000..ec41a831299
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/asan/pr95051.c
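Review bot: function-argument-4.C has no header naming the PR it covers, unlike the two C tests in this commit, which open with a line such as `/* PR sanitizer/95033 */`. The last `dg-output` pattern pins `'arg' \\(line 13\\)`, so any header added above `foo` must come with an updated line number there, or the expected AddressSanitizer report will stop matching. Separately, `goo` dereferences a `_Complex long double` pointer but passes the value to `crealf`. The oversized volatile read is what produces the stack-buffer-overflow report, so `creall` would match the `long double` return type and state the intent without changing what is checked.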
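Review bot: pr95033.c is a `dg-do compile` test with no comment saying which failure it guards, and the same applies to pr95051.c in the next hunk. Since the commit only clears a flag in sanopt.c, both presumably reproduce a compile-time failure of the sanitizer pass; a line after the PR header such as `/* Compile-only: must build with the sanitizer enabled without a compiler failure. */` would record that, with the wording adjusted to the actual symptom from the PR. In pr95033.c the parameter is declared as bare `_Complex d`, which relies on the compiler choosing the base type. If that is only reduction residue, a short remark or an explicit `double _Complex` would keep an unrelated diagnostic from obscuring the test's purpose.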
@@ -0,0 +1,22 @@
+/* PR sanitizer/95051 */
+/* { dg-do compile } */
+/* { dg-options "-fsanitize=kernel-address --param=asan-stack=1 -O2" } */
+
+struct a {
+ struct {
+ struct {
+ int b;
+ } c;
+ };
+};
+struct d {
+ struct {
+ int e;
+ } f;
+}
+
+g(int h) {
+ struct a *i;
+ struct d *j = (struct d*)&h;
+ i->c.b = j->f.e;
+}
--
2.30.2
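Review bot: In pr95051.c `g` stores through `i`, which is never initialised, and falls off the end although its declared return type is `struct d`. The test is compile-only, so nothing can fault at run time, but at `-O2` the optimiser may treat the undefined store as unreachable, which could stop the test from exercising the sanopt path it was reduced for. If the reproducer survives the change, taking the pointer as a parameter, `g(int h, struct a *i)`, keeps the store well-defined; otherwise a comment such as `/* Undefined behaviour below is reduction residue and is intentional. */` would tell maintainers not to "fix" it.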